<?php
/* configuration */
error_reporting(0);

/* functions */
function getDefinedVars($varList, $excludeList)
{
	$temp1 = array_values(array_diff(array_keys($varList), $excludeList));
	$temp2 = array();
	while (list($key, $value) = each($temp1)) 
	{
		global $$value;
		$temp2[$value] = $$value;
	}
	return $temp2;
}

/* basic authentication check */
if (!isset($_SESSION["adminid"]) || !defined('ROOTDIR'))
{
	exit();
}

/* JS and CSS */
?>
<script type="text/javascript" src="../modules/admin/developer/ibox/ibox.js"></script>
<script type="text/javascript">
$(document).ready(function(){$(".tabbox").css("display","none");var selectedTab;$(".tab").click(function(){var elid=$(this).attr("id");$(".tab").removeClass("tabselected");$("#"+elid).addClass("tabselected");$(".tabbox").slideUp();if(elid!=selectedTab){selectedTab=elid;$("#"+elid+"box").slideDown();}else{selectedTab=null;$(".tab").removeClass("tabselected");}$("#tab").val(elid.substr(3));});
<?php
if (!isset($_REQUEST["tab"]))
	echo 'selectedTab = "tab1";
			$("#tab1").addClass("tabselected");
			$("#tab1box").css("display","");';
else
	echo 'selectedTab = "tab'.intval($_REQUEST["tab"]).'";
			$("#tab'.intval($_REQUEST["tab"]).'").addClass("tabselected");
			$("#tab'.intval($_REQUEST["tab"]).'box").css("display","");';
?>
});
function doDelete(id,t){if(confirm("Are you sure you want to delete this config?")){window.location='<?php echo $modulelink;?>&op=delconfig&id='+id+'&tab='+t;}};
iBox.setPath("ibox/");iBox.fade_in_speed=5;iBox.fade_out_speed=5;
</script>
<?php

/* initialization */
$tabs = array();

/* data collection */

// permission to view php info -> view PHP variables and declared functions
$permid = 57; 
if (mysql_num_rows(mysql_query("SELECT permid FROM tbladmins JOIN tbladminperms ON tbladmins.roleid = tbladminperms.roleid WHERE permid=".$permid." AND tbladmins.id=". intval($_SESSION["adminid"]).";")))
{	
	$excludeList = array('GLOBALS', '_FILES', '_COOKIE', '_POST', '_GET', '_SERVER', 'templang', '_LANG', 'HTTP_SERVER_VARS', 'excludeList');
	$v = get_defined_vars();
	$tabs["PHP Info"] = '<pre>'.htmlspecialchars(print_r(getDefinedVars($v, $excludeList),true)).'</pre>';
	$f = get_defined_functions();
	$tabs["PHP Info"] .= '<hr><br/>Declared functions:<br/><pre>'.htmlspecialchars(print_r($f['user'],true)).'</pre>';
}

// roleid = 1 (Full Administrator) -> create, view and edit mod_config
$roleid = 1; 
if (mysql_num_rows(mysql_query("SELECT * FROM tbladmins WHERE roleid=".$roleid." AND tbladmins.id=". intval($_SESSION["adminid"]).";")))
{
	/* process post/get request */
	if (isset($_REQUEST["op"]))
	{
		unset($error_msg);
		// add new config value
		if (($_REQUEST["op"]=="addconfig") && isset($_REQUEST["cfg_module_name"]) && isset($_REQUEST["cfg_config"]))
		{			
			if (!mysql_query("INSERT INTO mod_config (id, module, config, val, comment) VALUES (NULL, '".mysql_real_escape_string($_REQUEST["cfg_module_name"])."', '".mysql_real_escape_string($_REQUEST["cfg_config"])."', '".mysql_real_escape_string($_REQUEST["cfg_value"])."', '".mysql_real_escape_string($_REQUEST["cfg_comment"])."');"))
				$error_msg = mysql_error();				
		}
		// delete config value
		else if (($_REQUEST["op"]=="delconfig") && isset($_REQUEST["id"]))
		{
			if (!mysql_query("DELETE FROM mod_config WHERE id='".intval($_REQUEST["id"])."';"))
				$error_msg = mysql_error();
		}
		// edit config value
		else if (($_REQUEST["op"]=="editconfig") && isset($_REQUEST["id"]) && isset($_REQUEST["cfg_value"]))
		{
			if (!mysql_query("UPDATE mod_config SET val='".mysql_real_escape_string($_REQUEST["cfg_value"])."', comment='".mysql_real_escape_string($_REQUEST["cfg_comment"])."' WHERE id='".intval($_REQUEST["id"])."';"))
				$error_msg = mysql_error();
		}
	}

	$tabs["Mod Config"] = '<div class="tablebg">
								<table class="datatable" width="100%" border="0" cellspacing="1" cellpadding="3">
								<tr><th>Module</th><th>Config Name</th><th>Config ID</th><th>Value</th><th>Comment</th><th></th></tr>';
	$result = mysql_query("SELECT * FROM mod_config ORDER BY module, config;");
	$tmp = "";
	if (mysql_num_rows($result))
	{
		while ($configs = mysql_fetch_assoc($result))
		{
			$tabs["Mod Config"] .= '<tr><td>'.$addon_modules[$configs["module"]].'</td><td>'.$configs["config"].'</td><td>'.$configs["id"].'</td><td>'.$configs["val"].'</td><td>'.$configs["comment"].'</td><td><a href="#cfg'.$configs["id"].'" rel="ibox&width=70%" title="Edit"><img src="images/edit.gif" width="16" height="16" border="0" alt="Edit"></a><a href="#" onClick="doDelete(\''.$configs["id"].'\',\''.(count($tabs)-1).'\')"><img src="images/delete.gif" width="16" height="16" border="0" alt="Delete"></a></td></tr>';
			$tmp .= '<div id="cfg'.$configs["id"].'" style="display:none;" class="tablebg">
								<form method="post" action="'.$modulelink.'">
								<table class="datatable" width="100%" border="0" cellspacing="1" cellpadding="3">
								<tr><th>Module</th><th>Config Name</th><th>Config ID</th><th>Value</th><th>Comment</th><th></th></tr>
									<input type="hidden" name="op" value="editconfig">
									<input type="hidden" name="id" value="'.$configs["id"].'">
									<input type="hidden" name="tab" value="'.(count($tabs)-1).'">
								<tr><td>'.$addon_modules[$configs["module"]].'</td>
								<td>'.$configs["config"].'</td>
								<td>'.$configs["id"].'</td>
								<td><input type="text" size="50" name="cfg_value" value="'.$configs["val"].'"></td>
								<td><input type="text" size="50" name="cfg_comment" value="'.$configs["comment"].'"></td>
								<td><input type="submit" value="Save"></td></tr></table>
								</form>
							</div>';
		}
	}
	$tabs["Mod Config"] .= '<form method="post" action="'.$modulelink.'">														
														<input type="hidden" name="op" value="addconfig">
														<input type="hidden" name="tab" value="'.(count($tabs)-1).'">
							<tr><td><select name="cfg_module_name">';
	foreach ($addon_modules as $adm => $adm_name)
	{
		$tabs["Mod Config"] .= "<option value='".$adm."'>".$adm_name;
	}
	$tabs["Mod Config"] .= '</select></td><td><input type="text" size="15" name="cfg_config"></td><td></td><td><input type="text" size="50" name="cfg_value"></td><td><input type="text" size="50" name="cfg_comment"></td><td><input type="submit" value="Add New"></td></tr>
							</form>
							</table>
						</div>'.$tmp;

	if (isset($error_msg) && ($error_msg!=""))
		$tabs["Mod Config"] .= "<div class='infobox'>".$error_msg."</div>";
}

/* display */
echo '<div id="tabs">
				<ul>';
$x = 0;				
foreach ($tabs as $t => $s)
{
	echo	'<li id="tab'.$x++.'" class="tab"><a href="javascript:;">'.$t.'</a></li>';
}
echo   '</ul>
			</div>';
$x = 0;				
foreach ($tabs as $t => $s)
{
	echo '<div id="tab'.$x++.'box" class="tabbox">
					<div id="tab_content" style="text-align:left;">'.$s.'
					</div>
				</div>';
}						
?>